Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep

gnu.javax.crypto.assembly.* (13)gnu.javax.crypto.cipher.* (16)gnu.javax.crypto.jce.* (85)
gnu.javax.crypto.key.* (34)gnu.javax.crypto.keyring.* (24)gnu.javax.crypto.mac.* (11)
gnu.javax.crypto.mode.* (11)gnu.javax.crypto.pad.* (9)gnu.javax.crypto.prng.* (8)
gnu.javax.crypto.sasl.* (47)

gnu.javax.crypto: Javadoc index of package gnu.javax.crypto.


Package Samples:

gnu.javax.crypto.assembly
gnu.javax.crypto.cipher
gnu.javax.crypto.jce.cipher
gnu.javax.crypto.jce
gnu.javax.crypto.jce.key
gnu.javax.crypto.jce.keyring
gnu.javax.crypto.jce.mac
gnu.javax.crypto.jce.params
gnu.javax.crypto.jce.prng
gnu.javax.crypto.jce.sig
gnu.javax.crypto.jce.spec
gnu.javax.crypto.key.dh
gnu.javax.crypto.key.srp6
gnu.javax.crypto.key
gnu.javax.crypto.keyring
gnu.javax.crypto.mac
gnu.javax.crypto.mode
gnu.javax.crypto.pad
gnu.javax.crypto.prng
gnu.javax.crypto.sasl.anonymous

Classes:

OFB: The Output Feedback (OFB) mode is a confidentiality mode that requires a unique IV for every message that is ever encrypted under the given key. The OFB mode is defined as follows: OFB Encryption: I 1 = IV; I j = O j -1 for j = 2...n; O j = CIPH K (I j ) for j = 1, 2...n; C j = P j XOR O j for j = 1, 2...n. OFB Decryption: I 1 = IV; I j = O j -1 for j = 2...n; O j = CIPH K (I j ) for j = 1, 2...n; P j = C j XOR O j for j = 1, 2...n. In OFB encryption, the IV is transformed by the forward cipher function to produce the first output block. The first output block is exclusive-ORed with the first plaintext ...
UMac32: The implementation of the UMAC (Universal Message Authentication Code). The UMAC algorithms described are parameterized . This means that various low-level choices, like the endian convention and the underlying cryptographic primitive, have not been fixed. One must choose values for these parameters before the authentication tag generated by UMAC (for a given message, key, and nonce) becomes fully-defined. In this document we provide two collections of parameter settings, and have named the sets UMAC16 and UMAC32 . The parameter sets have been chosen based on experimentation and provide good performance ...
ICMGenerator: Counter Mode is a way to define a pseudorandom keystream generator using a block cipher. The keystream can be used for additive encryption, key derivation, or any other application requiring pseudorandom data. In ICM, the keystream is logically broken into segments. Each segment is identified with a segment index, and the segments have equal lengths. This segmentation makes ICM especially appropriate for securing packet-based protocols. This implementation adheres to the definition of the ICM keystream generation function that allows for any symetric key block cipher algorithm (initialisation parameter ...
Cast5: An implmenetation of the CAST5 (a.k.a. CAST-128) algorithm, as per RFC-2144 , dated May 1997. In this RFC, Carlisle Adams (the CA in CAST, ST stands for Stafford Tavares ) describes CAST5 as: "...a DES-like Substitution-Permutation Network (SPN) cryptosystem which appears to have good resistance to differential cryptanalysis, linear cryptanalysis, and related-key cryptanalysis. This cipher also possesses a number of other desirable cryptographic properties, including avalanche, Strict Avalanche Criterion (SAC), Bit Independence Criterion (BIC), no complementation property, and an absence of weak ...
UMacGenerator: KDF s (Key Derivation Functions) are used to stretch user-supplied key material to specific size(s) required by high level cryptographic primitives. Described in the UMAC paper, this function basically operates an underlying symmetric key block cipher instance in output feedback mode (OFB), as a strong pseudo-random number generator. UMacGenerator requires an index parameter (initialisation parameter gnu.crypto.prng.umac.kdf.index taken to be an instance of java.lang.Integer with a value between 0 and 255 ). Using the same key, but different indices, generates different pseudorandom outputs. This ...
ICM: An implementation of David McGrew Integer Counter Mode (ICM) as an IMode . ICM is a way to define a pseudorandom keystream generator using a block cipher. The keystream can be used for additive encryption, key derivation, or any other application requiring pseudorandom data. In the case of this class, it is used as additive encryption, XOR-ing the keystream with the input text --for both encryption and decryption. In ICM, the keystream is logically broken into segments. Each segment is identified with a segment index, and the segments have equal lengths. This segmentation makes ICM especially appropriate ...
Transformer: A Transformer is an abstract representation of a two-way transformation that can be chained together with other instances of this type. Examples of such transformations in this library are: Cascade cipher, gnu.crypto.pad.IPad algorithm, and a ZLib-based deflater/inflater algorithm. A special implementation of a Transformer to close a chain is also provided. A Transformer is characterised by the followings: It can be chained to other instances, to form an Assembly . When configured in an Assembly , it can be set to apply its internal transformation on the input data stream before (pre-processing) ...
Stage: A Stage in a Cascade Cipher. Each stage may be either an implementation of a Block Cipher Mode of Operation ( gnu.javax.crypto.mode.IMode ) or another Cascade Cipher ( Cascade ). Each stage has also a natural operational direction when constructed for inclusion within a Cascade . This natural direction dictates how data flows from one stage into another when stages are chained together in a cascade. One can think of a stage and its natural direction as the specification of how to wire the stage into the chain. The following diagrams may help understand the paradigme. The first shows two stages ...
IMac: The basic visible methods of any MAC (Message Authentication Code) algorithm. A MAC provides a way to check the integrity of information transmitted over, or stored in, an unreliable medium, based on a secret key. Typically, MAC s are used between two parties, that share a common secret key, in order to validate information transmitted between them. When a MAC algorithm is based on a cryptographic hash function, it is then called to a HMAC (Hashed Message Authentication Code) --see RFC-2104 . Another type of MAC algorithms exist: UMAC or Universal Message Authentication Code , described in draft-krovetz-umac-01.txt ...
IMode: The basic visible methods of any block cipher mode. Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages larger than n bits, the simplest approach is to segment the message into n-bit blocks and process (encrypt and/or decrypt) each one separately (Electronic Codebook or ECB mode). But this approach has disadvantages in most applications. The block cipher modes of operations are one way of working around those disadvantages. A Mode always employs an underlying block cipher for processing its input. For all intents and purposes, a Mode appears to behave as any other block cipher ...
CALG: A Factory class that returns CALG (Confidentiality Algorithm) instances that operate as described in the draft-burdis-cat-sasl-srp-08. The designated CALG block cipher should be used in OFB (Output Feedback Block) mode in the ISO variant, as described in The Handbook of Applied Cryptography , algorithm 7.20. Let k be the block size of the chosen symmetric key block cipher algorithm; e.g. for AES this is 128 bits or 16 octets. The OFB mode used shall be of length/size k . It is recommended that block ciphers operating in OFB mode be used with an Initial Vector (the mode's IV). In such a mode of ...
ElGamalKeyAgreement: The ElGamal key agreement, also known as the half-certified Diffie-Hellman key agreement, is described in the Handbook of Applied Cryptography [HAC] as follows: A sends to B a single message allowing one-pass key agreement. A obtains an authentic copy of B's public key (p, g, yb), where yb = g**xb. A chooses a random integer x, 1 <= x <= p-2, and sends B the message g**x. A computes the shared secret key K as yb**x. B computes the same key K on receipt of the previous message as (g**x)**xb. RFC-2631 describes an Ephemeral-Static Mode of operations with Diffie-Hellman keypairs as follows: ...
DiffieHellmanKeyAgreement: The basic version of the Diffie-Hellman key agreement is described in the Handbook of Applied Cryptography [HAC] as follows: An appropriate prime p and generator g of Z p * (2 <= g <= p-2) are selected and published. A and B each send the other one message over an open channel; as a result, they both can then compute a shared secret key K which they can use to protect their future communication. A chooses a random secret x, 1 <= x <= p-2, and sends B message (1) which is g^x mod p. B chooses a random secret y, 1 <= y <= p-2, and sends A message (2) which is g^y mod p. B receives ...
UHash32: UHASH is a keyed hash function, which takes as input a string of arbitrary length, and produces as output a string of fixed length (such as 8 bytes). The actual output length depends on the parameter UMAC-OUTPUT-LEN. UHASH has been shown to be epsilon-ASU ("Almost Strongly Universal"), where epsilon is a small (parameter-dependent) real number. Informally, saying that a keyed hash function is epsilon-ASU means that for any two distinct fixed input strings, the two outputs of the hash function with a random key "look almost like a pair of random strings". The number epsilon measures how non-random ...
IBlockCipher: The basic visible methods of any symmetric key block cipher. A symmetric key block cipher is a function that maps n-bit plaintext blocks to n-bit ciphertext blocks; n being the cipher's block size . This encryption function is parameterised by a k-bit key, and is invertible. Its inverse is the decryption function. Possible initialisation values for an instance of this type are: The block size in which to operate this block cipher instance. This value is optional , if unspecified, the block cipher's default block size shall be used. The byte array containing the user supplied key material to use ...
PasswordFile: The implementation of SRP password files. For SRP, there are three (3) files: The password configuration file: tpasswd.conf. It contains the pairs <N,g> indexed by a number for each pair used for a user. By default, this file's pathname is constructed from the base password file pathname by prepending it with the ".conf" suffix. The base password file: tpasswd. It contains the related password entries for all the users with values computed using SRP's default message digest algorithm: SHA-1 (with 160-bit output block size). The extended password file: tpasswd2. Its name, by default, is constructed ...
DeflateTransformer: A Transformer Adapter allowing inclusion of a DEFLATE compression algorithm in an Assembly chain. The Direction.FORWARD 55 transformation is a compression (deflate) of input data, while the Direction.REVERSED 55 one is a decompression (inflate) that restores the original data. This Transformer uses a java.util.zip.Deflater instance to carry on the compression, and an java.util.zip.Inflater to do the decompression. When using such a Transformer , in an Assembly , there must be at least one element behind this instance in the constructed chain; otherwise, a TransformerException is thrown at initialisation ...
TMMH16: TMMH is a universal hash function suitable for message authentication in the Wegman-Carter paradigm, as in the Stream Cipher Security Transform. It is simple, quick, and especially appropriate for Digital Signal Processors and other processors with a fast multiply operation, though a straightforward implementation requires storage equal in length to the largest message to be hashed. TMMH is a simple hash function which maps a key and a message to a hash value. There are two versions of TMMH: TMMH/16 and TMMH/32. TMMH can be used as a message authentication code, as described in Section 5 (see References). ...
Fortuna: The Fortuna continuously-seeded pseudo-random number generator. This generator is composed of two major pieces: the entropy accumulator and the generator function. The former takes in random bits and incorporates them into the generator's state. The latter takes this base entropy and generates pseudo-random bits from it. There are some things users of this class must be aware of: Adding Random Data This class does not do any polling of random sources, but rather provides an interface for adding random events. Applications that use this code must provide this mechanism. We use this design because ...
SRP6KeyAgreement: The Secure Remote Password (SRP) key agreement protocol, also known as SRP-6, is designed by Thomas J. Wu (see references). The protocol, and its elements are described as follows: N A large safe prime (N = 2q+1, where q is prime) All arithmetic is done modulo N. g A generator modulo N s User's salt I Username p Cleartext Password H() One-way hash function ^ (Modular) Exponentiation u Random scrambling parameter a,b Secret ephemeral values A,B Public ephemeral values x Private key (derived from p and s) v Password verifier The host stores passwords using the following formula: x = H(s | H(I ":" ...
HMac: The implementation of the HMAC (Keyed-Hash Message Authentication Code). HMAC can be used in combination with any iterated cryptographic hash function. HMAC also uses a secret key for calculation and verification of the message authentication values. The main goals behind this construction are To use, without modifications, available hash functions. In particular, hash functions that perform well in software, and for which code is freely and widely available. To preserve the original performance of the hash function without incurring a significant degradation. To use and handle keys in a simple ...
Serpent: Serpent is a 32-round substitution-permutation network block cipher, operating on 128-bit blocks and accepting keys of 128, 192, and 256 bits in length. At each round the plaintext is XORed with a 128 bit portion of the session key -- a 4224 bit key computed from the input key -- then one of eight S-boxes are applied, and finally a simple linear transformation is done. Decryption does the exact same thing in reverse order, and using the eight inverses of the S-boxes. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen as a proposed cipher for the Advanced Encryption Standard. Serpent ...
CipherAdapter: The implementation of a generic javax.crypto.Cipher Adapter class to wrap GNU Crypto cipher instances. This class defines the Service Provider Interface ( SPI ) for the javax.crypto.Cipher class, which provides the functionality of symmetric-key block ciphers, such as the AES. This base class defines all of the abstract methods in javax.crypto.CipherSpi , but does not define the (non-abstract) key wrapping functions that extended the base cipher SPI, and these methods thus immediately throw an java.lang.UnsupportedOperationException . If a cipher implementation provides this functionality, or if ...
EAX: A conventional two-pass authenticated-encrypted mode, EAX. EAX is a Authenticated Encryption with Additional Data ( AEAD ) scheme, which provides protection and authentication for the message, and provides authentication of an (optional) header. EAX is composed of the counter mode (CTR) and the one-key CBC MAC (OMAC). This class makes full use of the IAuthenticatedMode interface, that is, all methods of both IMode and gnu.javax.crypto.mac.IMac can be used as specified in the IAuthenticatedMode interface. References: M. Bellare, P. Rogaway, and D. Wagner; A Conventional Authenticated-Encryption ...
Cascade: A Cascade Cipher is the concatenation of two or more block ciphers each with independent keys. Plaintext is input to the first stage; the output of stage i is input to stage i + 1 ; and the output of the last stage is the Cascade 's ciphertext output. In the simplest case, all stages in a Cascade have k -bit keys, and the stage inputs and outputs are all n-bit quantities. The stage ciphers may differ (general cascade of ciphers), or all be identical (cascade of identical ciphers). The term "block ciphers" used above refers to implementations of gnu.crypto.mode.IMode , including the gnu.crypto.mode.ECB ...

Home | Contact Us | Privacy Policy | Terms of Service